search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge "Special:Upload should not crash on failing previews"
[mediawiki.git] / includes / api / ApiUserrights.php
blob4ef974cfcee68ab07ded307693d8bc1b9a5112cb
1 <?php
2
3 /**
4 *
5 *
6 * Created on Mar 24, 2009
7 *
8 * Copyright © 2009 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License along
21 * with this program; if not, write to the Free Software Foundation, Inc.,
22 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
23 * http://www.gnu.org/copyleft/gpl.html
24 *
25 * @file
26 */
27
28 /**
29 * @ingroup API
30 */
31 class ApiUserrights extends ApiBase {
32
33 private $mUser = null;
34
35 /**
36 * Get a UserrightsPage object, or subclass.
37 * @return UserrightsPage
38 */
39 protected function getUserRightsPage() {
40 return new UserrightsPage;
41 }
42
43 /**
44 * Get all available groups.
45 * @return array
46 */
47 protected function getAllGroups() {
48 return User::getAllGroups();
49 }
50
51 public function execute() {
52 $pUser = $this->getUser();
53
54 // Deny if the user is blocked and doesn't have the full 'userrights' permission.
55 // This matches what Special:UserRights does for the web UI.
56 if ( $pUser->isBlocked() && !$pUser->isAllowed( 'userrights' ) ) {
57 $this->dieBlocked( $pUser->getBlock() );
58 }
59
60 $params = $this->extractRequestParams();
61
62 $user = $this->getUrUser( $params );
63
64 $tags = $params['tags'];
65
66 // Check if user can add tags
67 if ( !is_null( $tags ) ) {
68 $ableToTag = ChangeTags::canAddTagsAccompanyingChange( $tags, $pUser );
69 if ( !$ableToTag->isOK() ) {
70 $this->dieStatus( $ableToTag );
71 }
72 }
73
74 $form = $this->getUserRightsPage();
75 $form->setContext( $this->getContext() );
76 $r['user'] = $user->getName();
77 $r['userid'] = $user->getId();
78 list( $r['added'], $r['removed'] ) = $form->doSaveUserGroups(
79 $user, (array)$params['add'],
80 (array)$params['remove'], $params['reason'], $tags
81 );
82
83 $result = $this->getResult();
84 ApiResult::setIndexedTagName( $r['added'], 'group' );
85 ApiResult::setIndexedTagName( $r['removed'], 'group' );
86 $result->addValue( null, $this->getModuleName(), $r );
87 }
88
89 /**
90 * @param array $params
91 * @return User
92 */
93 private function getUrUser( array $params ) {
94 if ( $this->mUser !== null ) {
95 return $this->mUser;
96 }
97
98 $this->requireOnlyOneParameter( $params, 'user', 'userid' );
99
100 $user = isset( $params['user'] ) ? $params['user'] : '#' . $params['userid'];
101
102 $form = $this->getUserRightsPage();
103 $form->setContext( $this->getContext() );
104 $status = $form->fetchUser( $user );
105 if ( !$status->isOK() ) {
106 $this->dieStatus( $status );
107 }
108
109 $this->mUser = $status->value;
110
111 return $status->value;
112 }
113
114 public function mustBePosted() {
115 return true;
116 }
117
118 public function isWriteMode() {
119 return true;
120 }
121
122 public function getAllowedParams() {
123 return [
124 'user' => [
125 ApiBase::PARAM_TYPE => 'user',
126 ],
127 'userid' => [
128 ApiBase::PARAM_TYPE => 'integer',
129 ],
130 'add' => [
131 ApiBase::PARAM_TYPE => $this->getAllGroups(),
132 ApiBase::PARAM_ISMULTI => true
133 ],
134 'remove' => [
135 ApiBase::PARAM_TYPE => $this->getAllGroups(),
136 ApiBase::PARAM_ISMULTI => true
137 ],
138 'reason' => [
139 ApiBase::PARAM_DFLT => ''
140 ],
141 'token' => [
142 // Standard definition automatically inserted
143 ApiBase::PARAM_HELP_MSG_APPEND => [ 'api-help-param-token-webui' ],
144 ],
145 'tags' => [
146 ApiBase::PARAM_TYPE => 'tags',
147 ApiBase::PARAM_ISMULTI => true
148 ],
149 ];
150 }
151
152 public function needsToken() {
153 return 'userrights';
154 }
155
156 protected function getWebUITokenSalt( array $params ) {
157 return $this->getUrUser( $params )->getName();
158 }
159
160 protected function getExamplesMessages() {
161 return [
162 'action=userrights&user=FooBot&add=bot&remove=sysop|bureaucrat&token=123ABC'
163 => 'apihelp-userrights-example-user',
164 'action=userrights&userid=123&add=bot&remove=sysop|bureaucrat&token=123ABC'
165 => 'apihelp-userrights-example-userid',
166 ];
167 }
168
169 public function getHelpUrls() {
170 return 'https://www.mediawiki.org/wiki/API:User_group_membership';
171 }
172 }
MediaWiki Core